Compliance and security management is the art of mitigating the risks faced by the enterprise. As legislative requirements continue to permeate all industries, the compliance and security functions are evolving and expanding to encompass risk management as well. Given these forces and business drivers, the need for creating a Chief Risk Officer (CRO) position is growing. This research note discusses:
- How the risks posed by compliance and security lack true ownership.
- Why compliance and security risks need a designated owner.
- What the CRO would be responsible for, as well as specific job duties.
- Tips for recruiting a CRO.
Companies with strong compliance requirements should employ a CRO to assume responsibility for managing compliance and security risks across the enterprise.